package com.vastio.config;

import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authc.credential.CredentialsMatcher;
import org.apache.shiro.authc.credential.HashedCredentialsMatcher;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.realm.Realm;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.util.ByteSource;
import org.apache.shiro.web.filter.authc.FormAuthenticationFilter;
import org.apache.shiro.web.filter.authc.LogoutFilter;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.io.ClassPathResource;
import org.springframework.util.FileCopyUtils;
import java.io.IOException;
import java.io.InputStreamReader;

/**
 * Shiro的配置类
 * @author hjwStart
 * @time 2022-11-23 15:27
 * @version: 1.0
 */
@Configuration
public class ShiroConfig {

    // 认证过滤器
    @Bean
    public FormAuthenticationFilter authc(){
        FormAuthenticationFilter filter = new FormAuthenticationFilter();
        filter.setUsernameParam("userName");
        filter.setPasswordParam("userPwd");
        return filter;
    }

    // 登出过滤器
    @Bean
    public LogoutFilter logout(){
        LogoutFilter filter = new LogoutFilter();
        filter.setRedirectUrl("/index.html");
        return filter;
    }


    @Bean
    public ShiroFilterFactoryBean shiroFilter() throws IOException {
        ShiroFilterFactoryBean factoryBean = new ShiroFilterFactoryBean();
        factoryBean.setLoginUrl("/index.html");
//        factoryBean.setSuccessUrl("/hello");
        factoryBean.setUnauthorizedUrl("/refuse");
        factoryBean.setSecurityManager(securityManager());
        // 设置url的访问权限
        ClassPathResource resource = new ClassPathResource("auth.properties");
        String authStr = FileCopyUtils.copyToString(new InputStreamReader(resource.getInputStream()));
        factoryBean.setFilterChainDefinitions(authStr);
        return factoryBean;
    }

    //
    @Bean
    public DefaultWebSecurityManager securityManager(){
        DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
        securityManager.setRealm(realm());
        return securityManager;
    }

    @Bean
    public Realm realm(){
        AuthorizingRealm realm = new AuthorizingRealm() {
            @Override
            protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
                String userName = authenticationToken.getPrincipal().toString();
                SimpleAuthenticationInfo authenticationInfo = null;
                if ("admin".equals(userName)) {
                    authenticationInfo = new SimpleAuthenticationInfo(userName, "79ae1231b5934424660a8e5f2aa91393",
                            ByteSource.Util.bytes("salt"), this.getName());
                }
                return authenticationInfo;
            }

            @Override
            protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
                return null;
            }
        };
        realm.setCredentialsMatcher(credentialsMatcher());
        return realm;
    }

    @Bean
    public CredentialsMatcher credentialsMatcher(){
        HashedCredentialsMatcher matcher = new HashedCredentialsMatcher();
        matcher.setHashIterations(1024);
        matcher.setHashAlgorithmName("MD5");
        return matcher;
    }
}
